Comments on "Verifiable and Exculpable Outsourced Attribute-Based Encryption for Access Control in Cloud Computing"

作     者：Xiong, Hu Sun, Jianfei 

作者机构：Univ Elect Sci & Technol China Sch Informat & Software Engn Chengdu 610051 Peoples R China 

出 版 物：《IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING》 (IEEE Trans. Dependable Secure Comput.)

年 卷 期：2017年第14卷第4期

页      面：461-462页

核心收录：

学科分类：0808[工学-电气工程] 08[工学] 0835[工学-软件工程] 0812[工学-计算机科学与技术（可授工学、理学学位）] 

基　　金：National Science Foundation of China [61370026, 61672135, 61602096] Science and Technology Project of Guangdong Province [2016A010101002] Sichuan Science-Technology Support Plan Program [2016JZ0020] Fundamental Research Funds for the Central Universities [ZYGX2016J091] 

主　　题：Attribute-based encryption outsourced computation verifiability 

摘      要：Recently in IEEE Transactions on Dependable and Secure Computing (TDSC) (doi: 10.1109/TDSC.2015.2499755), Ma et al. proposed a new construction of attribute-based encryption (ABE) which can outsource the complicated encryption task to Encryption Service Provider (ESP) in a verifiable manner. Despite the authors claimed that the results of the outsourced encryption can be checked by the user, we show that Ma et al. s proposal fails to provide the verifiability property for outsourced encryption, the most essential security goal that a verifiable computation scheme should achieve. Specifically, by giving concrete attacks, we demonstrate that the ESP can return forged intermediate ciphertext to the user without being detected.